Data Protection Day 28.1.2026

Data Protection Day 28.1.2026 focused on the security of the processing of personal data

Data Protection Day was celebrated again on 28 January 2026, for the eighth time. The presentations of the day were compiled around Article 32 of the General Data Protection Regulation (security of processing) and it brought together about 500 data protection experts, authorities and representatives of organisations. The current rapidly changing world situation was found to require resilience to change, a new way of thinking and the defence of rights.

The themes of the day included:

  • Regulatory simplification
  • Data sovereignty
  • European competitiveness
  • European services and innovation in a changing, global world.

The Supervisory Authority’s speeches highlighted the use of European services and the courage to use them, as well as concerns about the redefinition of the concept of personal data. Regarding the simplification of regulation (the “Omnibus project”), it was stated in the proposals that it must not, however, undermine the core of data protection and the basic principles of data protection.

The meeting of the EU-level data protection authorities brought up the idea called “GDPR made easy”. The key idea of this policy is that the authorities commit to providing sufficiently easy tools and instructions to all controllers, but especially to small and medium-sized enterprises. In addition, we will follow with interest the forthcoming guidance from the European Data Protection Board (EDPB) on the following topics:

  • Guidelines for Pay or consent
  • Guidelines on anonymisation and pseudonymisation
  • Coordination of the AI Act and the GDPR
  • Children’s data protection (social media, guidelines on children’s data protection)
  • Guidelines for scientific research

In the various speeches of the day, it was once again emphasized that data protection and the security of the processing of personal data require the awareness and readiness, direction and goals of the entire organization. The national data protection authority had highlighted sufficient resources, the importance of training, the importance of risk assessment and data impact assessment, and the timeliness of these. Data protection has become part of everyday life in organisations.

Privaon can help your organization with the day’s themes and future guidance from the EDPB. We also offer a European software option, the DPO365 service, for data protection and artificial intelligence compliance. If you want to hear more about our services, book a time for a discussion here.